How the hell do I get rid of a keylogger?

[yojetak]

Soooo I've apparently picked up a keylogger on my computer and I have no idea how to find it or get rid of it. My virus protection was woefully out of date and I need a new one.

This bastard has not only wiped out my WoW account, but he's in my gmail and school emails.

I fecking need help!

[RavynousHunter]

Keyloggers and other malware are usually stored in the System32 folder, go there and sort by date. Look for any dates that look out of place, like 3/5/1992 or something like that. If you find nothing there, sort by type and scroll down to the .DLL's. Look for ones with odd names, right-click them and do "Properties." Look under the "Version" tab, and check ALL the information there. Look for anything out of the ordinary. If you find nothing in the .DLL's, check the *.OCX files with the same method.

If you find something, try deleting it (Shift+Del). If you cannot or it returns, download a hex editor and mangle the file. Check it a few seconds later, if it changed back, you got a bad problem.

First, try that, if they don't work, tell me.

[yojetak]

One problem. I have a mac.

[RavynousHunter]

Well...shit.

[Mira]

I hope you aren't using your mac right now. I would recommend at least unplugging your internet cable. Get to another computer so you can change all your passwords and secure as much as possible. Until you can find a Mac expert quarantine the situation.

[yojetak]

Sept 6, 2009 0:16:44 GMT -5 Mira said:

I hope you aren't using your mac right now. I would recommend at least unplugging your internet cable. Get to another computer so you can change all your passwords and secure as much as possible. Until you can find a Mac expert quarantine the situation.

Argh! I have no other computer!

[ottery]

Sept 6, 2009 0:32:17 GMT -5 @yojetak said:

Sept 6, 2009 0:16:44 GMT -5 Mira said:

I hope you aren't using your mac right now. I would recommend at least unplugging your internet cable. Get to another computer so you can change all your passwords and secure as much as possible. Until you can find a Mac expert quarantine the situation.

Argh! I have no other computer!

Do you have a local library that has public computers? They'll usually let you on to check your mail and such. If not, internet cafe is always a good shot.

[SimSim]

Do you know which logger you have? If you don't, download the program Little Snitch, it'll show all programs that are connecting out. Look for any programs connecting that don't seem normal. If you don't know what's normal or not, post the output. If you do find something that looks odd, prevent it from connecting out.

Then there is always the last resort if everything else fails, reinstall.

[Tiger]

Keyloggers can affect macs now? Shit.

Okay, first and most obviously, don't log in to anything important.

Second, download Little Snitch. It's a connection monitor that will auto-block any network connections unless and until you authorize them. Kill anything that you don't recognize - it may be the keylogger trying to send out what it's recorded. It should also give you the name of the keylogger program so that you can find it and destroy it.

Lastly, I use a virus scanner called ClamXav. Download it and run a scan.

[SimSim]

Yeah, there have been keyloggers for Macs for awhile now Tiger. Macs are only "safer" because they are a smaller market share than Windows comps, but viruses, keyloggers, malware, etc do exist for them. As more people use Macs, you'll see more of the bad stuff.

[Tiger]

Sept 6, 2009 10:58:32 GMT -5 SimSim said:

Yeah, there have been keyloggers for Macs for awhile now Tiger. Macs are only "safer" because they are a smaller market share than Windows comps, but viruses, keyloggers, malware, etc do exist for them. As more people use Macs, you'll see more of the bad stuff.

Yeah, I know. Just never heard of it happening before.

[yojetak]

okay so I downloaded little snitch, I just don't know what's good and what's bad.

[the sandman]

Heh heh heh heh....you do realize with that screenshot we can now steal your WoW account......

[yojetak]

Sept 6, 2009 13:25:26 GMT -5 the sandman said:

Heh heh heh heh....you do realize with that screenshot we can now steal your WoW account......

oh poop.

edit: it's not like you'd be able to steal much as it's been banned by the fucking hackers and stripped clean. But I edited it anywayzzzzzz.

[RavynousHunter]

'Ey, got nothin to worry about from me: I don't play WoW. That and stealing accounts is for pussies who can't get what they want legitimately.